faeca105997461371c7d30ac7db0026d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

faeca105997461371c7d30ac7db0026d_JaffaCakes118
Size

111KB
MD5

faeca105997461371c7d30ac7db0026d
SHA1

f8c731ae8d8386e1a844f0e6cbd295e0a3866d90
SHA256

39434266141a373d7c043ab25fbe9c76f9d40de44eb2a42458e8359f5fdd0a55
SHA512

917f3bed45a749657e4e22fd42eb78485a564d9c9d772127f28ed7d24333355c81f011edb8b91bbb731fc5d046edddea8cea7373ba9b3001e8900acb791651f8
SSDEEP

768:ml19SSlhQ8DTBir33xB45QmM/19UhX7paU22MfTBir3LsEU58mM/19UhX7paUUEf:2mrDAeJIULsAPHBLBSU4bUHJBrXevPt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
faeca105997461371c7d30ac7db0026d_JaffaCakes118

Files

faeca105997461371c7d30ac7db0026d_JaffaCakes118
.dll windows:5 windows x86 arch:x86

e94d0a39eea14121deae1ac4d66f0958

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

o:\OOO320\src\i18npool\wntmsci12.pro\bin\localedata_es.pdb

Imports

localedata_en

getOutlineNumberingLevels_en_US
getContinuousNumberingLevels_en_US
getTransliterations_en_US
getSearchOptions_en_US
getCollationOptions_en_US
getCollatorImplementation_en_US

msvcr90

_adjust_fdiv
_amsg_exit
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
_crt_debugger_hook
_initterm_e
_initterm
_decode_pointer
_encoded_null
free
_malloc_crt
_encode_pointer
__CppXcptFilter

kernel32

IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
InterlockedCompareExchange
Sleep
InterlockedExchange
GetCurrentProcessId

Exports

Exports

GetVersionInfo
getAllCalendars_es_AR
getAllCalendars_es_BO
getAllCalendars_es_CL
getAllCalendars_es_CO
getAllCalendars_es_CR
getAllCalendars_es_DO
getAllCalendars_es_EC
getAllCalendars_es_ES
getAllCalendars_es_GT
getAllCalendars_es_HN
getAllCalendars_es_MX
getAllCalendars_es_NI
getAllCalendars_es_PA
getAllCalendars_es_PE
getAllCalendars_es_PR
getAllCalendars_es_PY
getAllCalendars_es_SV
getAllCalendars_es_UY
getAllCalendars_es_VE
getAllCalendars_gl_ES
getAllCurrencies_es_AR
getAllCurrencies_es_BO
getAllCurrencies_es_CL
getAllCurrencies_es_CO
getAllCurrencies_es_CR
getAllCurrencies_es_DO
getAllCurrencies_es_EC
getAllCurrencies_es_ES
getAllCurrencies_es_GT
getAllCurrencies_es_HN
getAllCurrencies_es_MX
getAllCurrencies_es_NI
getAllCurrencies_es_PA
getAllCurrencies_es_PE
getAllCurrencies_es_PR
getAllCurrencies_es_PY
getAllCurrencies_es_SV
getAllCurrencies_es_UY
getAllCurrencies_es_VE
getAllCurrencies_gl_ES
getAllFormats0_es_AR
getAllFormats0_es_BO
getAllFormats0_es_CL
getAllFormats0_es_CO
getAllFormats0_es_CR
getAllFormats0_es_DO
getAllFormats0_es_EC
getAllFormats0_es_ES
getAllFormats0_es_GT
getAllFormats0_es_HN
getAllFormats0_es_MX
getAllFormats0_es_NI
getAllFormats0_es_PA
getAllFormats0_es_PE
getAllFormats0_es_PR
getAllFormats0_es_PY
getAllFormats0_es_SV
getAllFormats0_es_UY
getAllFormats0_es_VE
getAllFormats0_gl_ES
getBreakIteratorRules_es_AR
getBreakIteratorRules_es_BO
getBreakIteratorRules_es_CL
getBreakIteratorRules_es_CO
getBreakIteratorRules_es_CR
getBreakIteratorRules_es_DO
getBreakIteratorRules_es_EC
getBreakIteratorRules_es_ES
getBreakIteratorRules_es_GT
getBreakIteratorRules_es_HN
getBreakIteratorRules_es_MX
getBreakIteratorRules_es_NI
getBreakIteratorRules_es_PA
getBreakIteratorRules_es_PE
getBreakIteratorRules_es_PR
getBreakIteratorRules_es_PY
getBreakIteratorRules_es_SV
getBreakIteratorRules_es_UY
getBreakIteratorRules_es_VE
getBreakIteratorRules_gl_ES
getCollationOptions_es_AR
getCollationOptions_es_BO
getCollationOptions_es_CL
getCollationOptions_es_CO
getCollationOptions_es_CR
getCollationOptions_es_DO
getCollationOptions_es_EC
getCollationOptions_es_ES
getCollationOptions_es_GT
getCollationOptions_es_HN
getCollationOptions_es_MX
getCollationOptions_es_NI
getCollationOptions_es_PA
getCollationOptions_es_PE
getCollationOptions_es_PR
getCollationOptions_es_PY
getCollationOptions_es_SV
getCollationOptions_es_UY
getCollationOptions_es_VE
getCollationOptions_gl_ES
getCollatorImplementation_es_AR
getCollatorImplementation_es_BO
getCollatorImplementation_es_CL
getCollatorImplementation_es_CO
getCollatorImplementation_es_CR
getCollatorImplementation_es_DO
getCollatorImplementation_es_EC
getCollatorImplementation_es_ES
getCollatorImplementation_es_GT
getCollatorImplementation_es_HN
getCollatorImplementation_es_MX
getCollatorImplementation_es_NI
getCollatorImplementation_es_PA
getCollatorImplementation_es_PE
getCollatorImplementation_es_PR
getCollatorImplementation_es_PY
getCollatorImplementation_es_SV
getCollatorImplementation_es_UY
getCollatorImplementation_es_VE
getCollatorImplementation_gl_ES
getContinuousNumberingLevels_es_AR
getContinuousNumberingLevels_es_BO
getContinuousNumberingLevels_es_CL
getContinuousNumberingLevels_es_CO
getContinuousNumberingLevels_es_CR
getContinuousNumberingLevels_es_DO
getContinuousNumberingLevels_es_EC
getContinuousNumberingLevels_es_ES
getContinuousNumberingLevels_es_GT
getContinuousNumberingLevels_es_HN
getContinuousNumberingLevels_es_MX
getContinuousNumberingLevels_es_NI
getContinuousNumberingLevels_es_PA
getContinuousNumberingLevels_es_PE
getContinuousNumberingLevels_es_PR
getContinuousNumberingLevels_es_PY
getContinuousNumberingLevels_es_SV
getContinuousNumberingLevels_es_UY
getContinuousNumberingLevels_es_VE
getContinuousNumberingLevels_gl_ES
getFollowPageWords_es_AR
getFollowPageWords_es_BO
getFollowPageWords_es_CL
getFollowPageWords_es_CO
getFollowPageWords_es_CR
getFollowPageWords_es_DO
getFollowPageWords_es_EC
getFollowPageWords_es_ES
getFollowPageWords_es_GT
getFollowPageWords_es_HN
getFollowPageWords_es_MX
getFollowPageWords_es_NI
getFollowPageWords_es_PA
getFollowPageWords_es_PE
getFollowPageWords_es_PR
getFollowPageWords_es_PY
getFollowPageWords_es_SV
getFollowPageWords_es_UY
getFollowPageWords_es_VE
getFollowPageWords_gl_ES
getForbiddenCharacters_es_AR
getForbiddenCharacters_es_BO
getForbiddenCharacters_es_CL
getForbiddenCharacters_es_CO
getForbiddenCharacters_es_CR
getForbiddenCharacters_es_DO
getForbiddenCharacters_es_EC
getForbiddenCharacters_es_ES
getForbiddenCharacters_es_GT
getForbiddenCharacters_es_HN
getForbiddenCharacters_es_MX
getForbiddenCharacters_es_NI
getForbiddenCharacters_es_PA
getForbiddenCharacters_es_PE
getForbiddenCharacters_es_PR
getForbiddenCharacters_es_PY
getForbiddenCharacters_es_SV
getForbiddenCharacters_es_UY
getForbiddenCharacters_es_VE
getForbiddenCharacters_gl_ES
getIndexAlgorithm_es_AR
getIndexAlgorithm_es_BO
getIndexAlgorithm_es_CL
getIndexAlgorithm_es_CO
getIndexAlgorithm_es_CR
getIndexAlgorithm_es_DO
getIndexAlgorithm_es_EC
getIndexAlgorithm_es_ES
getIndexAlgorithm_es_GT
getIndexAlgorithm_es_HN
getIndexAlgorithm_es_MX
getIndexAlgorithm_es_NI
getIndexAlgorithm_es_PA
getIndexAlgorithm_es_PE
getIndexAlgorithm_es_PR
getIndexAlgorithm_es_PY
getIndexAlgorithm_es_SV
getIndexAlgorithm_es_UY
getIndexAlgorithm_es_VE
getIndexAlgorithm_gl_ES
getLCInfo_es_AR
getLCInfo_es_BO
getLCInfo_es_CL
getLCInfo_es_CO
getLCInfo_es_CR
getLCInfo_es_DO
getLCInfo_es_EC
getLCInfo_es_ES
getLCInfo_es_GT
getLCInfo_es_HN
getLCInfo_es_MX
getLCInfo_es_NI
getLCInfo_es_PA
getLCInfo_es_PE
getLCInfo_es_PR
getLCInfo_es_PY
getLCInfo_es_SV
getLCInfo_es_UY
getLCInfo_es_VE
getLCInfo_gl_ES
getLocaleItem_es_AR
getLocaleItem_es_BO
getLocaleItem_es_CL
getLocaleItem_es_CO
getLocaleItem_es_CR
getLocaleItem_es_DO
getLocaleItem_es_EC
getLocaleItem_es_ES
getLocaleItem_es_GT
getLocaleItem_es_HN
getLocaleItem_es_MX
getLocaleItem_es_NI
getLocaleItem_es_PA
getLocaleItem_es_PE
getLocaleItem_es_PR
getLocaleItem_es_PY
getLocaleItem_es_SV
getLocaleItem_es_UY
getLocaleItem_es_VE
getLocaleItem_gl_ES
getOutlineNumberingLevels_es_AR
getOutlineNumberingLevels_es_BO
getOutlineNumberingLevels_es_CL
getOutlineNumberingLevels_es_CO
getOutlineNumberingLevels_es_CR
getOutlineNumberingLevels_es_DO
getOutlineNumberingLevels_es_EC
getOutlineNumberingLevels_es_ES
getOutlineNumberingLevels_es_GT
getOutlineNumberingLevels_es_HN
getOutlineNumberingLevels_es_MX
getOutlineNumberingLevels_es_NI
getOutlineNumberingLevels_es_PA
getOutlineNumberingLevels_es_PE
getOutlineNumberingLevels_es_PR
getOutlineNumberingLevels_es_PY
getOutlineNumberingLevels_es_SV
getOutlineNumberingLevels_es_UY
getOutlineNumberingLevels_es_VE
getOutlineNumberingLevels_gl_ES
getReservedWords_es_AR
getReservedWords_es_BO
getReservedWords_es_CL
getReservedWords_es_CO
getReservedWords_es_CR
getReservedWords_es_DO
getReservedWords_es_EC
getReservedWords_es_ES
getReservedWords_es_GT
getReservedWords_es_HN
getReservedWords_es_MX
getReservedWords_es_NI
getReservedWords_es_PA
getReservedWords_es_PE
getReservedWords_es_PR
getReservedWords_es_PY
getReservedWords_es_SV
getReservedWords_es_UY
getReservedWords_es_VE
getReservedWords_gl_ES
getSearchOptions_es_AR
getSearchOptions_es_BO
getSearchOptions_es_CL
getSearchOptions_es_CO
getSearchOptions_es_CR
getSearchOptions_es_DO
getSearchOptions_es_EC
getSearchOptions_es_ES
getSearchOptions_es_GT
getSearchOptions_es_HN
getSearchOptions_es_MX
getSearchOptions_es_NI
getSearchOptions_es_PA
getSearchOptions_es_PE
getSearchOptions_es_PR
getSearchOptions_es_PY
getSearchOptions_es_SV
getSearchOptions_es_UY
getSearchOptions_es_VE
getSearchOptions_gl_ES
getTransliterations_es_AR
getTransliterations_es_BO
getTransliterations_es_CL
getTransliterations_es_CO
getTransliterations_es_CR
getTransliterations_es_DO
getTransliterations_es_EC
getTransliterations_es_ES
getTransliterations_es_GT
getTransliterations_es_HN
getTransliterations_es_MX
getTransliterations_es_NI
getTransliterations_es_PA
getTransliterations_es_PE
getTransliterations_es_PR
getTransliterations_es_PY
getTransliterations_es_SV
getTransliterations_es_UY
getTransliterations_es_VE
getTransliterations_gl_ES
getUnicodeScripts_es_AR
getUnicodeScripts_es_BO
getUnicodeScripts_es_CL
getUnicodeScripts_es_CO
getUnicodeScripts_es_CR
getUnicodeScripts_es_DO
getUnicodeScripts_es_EC
getUnicodeScripts_es_ES
getUnicodeScripts_es_GT
getUnicodeScripts_es_HN
getUnicodeScripts_es_MX
getUnicodeScripts_es_NI
getUnicodeScripts_es_PA
getUnicodeScripts_es_PE
getUnicodeScripts_es_PR
getUnicodeScripts_es_PY
getUnicodeScripts_es_SV
getUnicodeScripts_es_UY
getUnicodeScripts_es_VE
getUnicodeScripts_gl_ES

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e94d0a39eea14121deae1ac4d66f0958

Headers

File Characteristics

PDB Paths

Imports

localedata_en

msvcr90

kernel32

Exports

Exports

Sections

.text Size: 6KB - Virtual size: 6KB

.rdata Size: 75KB - Virtual size: 75KB

.data Size: 17KB - Virtual size: 17KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 9KB - Virtual size: 9KB

.text
Size: 6KB - Virtual size: 6KB

.rdata
Size: 75KB - Virtual size: 75KB

.data
Size: 17KB - Virtual size: 17KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 9KB - Virtual size: 9KB